3 replies to this topic

[Quark]

hi, i could not delete or rename a registry:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

it is preventing me from installing adobe acrobat.

Can anyone shed some light on this?

Thanks~!!


Logfile of HijackThis v1.99.1
Scan saved at 3:44:56 PM, on 2/26/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\unzipped\hijackthis\HijackThis.exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Registrar Lite\rl.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: (no name) - {FA3CF5E2-BF33-4ED5-A0BF-2BB714CA72E3} - C:\WINDOWS\System32\ifggh.dll (file missing)
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -noicon
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [AEZBProc] c:\ibmtools\aptezbtn\aptezbp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [zSPGuard] c:\program files\pjw\spguard\spguard.exe /s
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Broadband Networking.lnk = %SystemRoot%\Installer\{06B2B442-19FE-4398-BD4B-F5C00928DD8E}\_18be6784.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: 15Y§K?|@‥E?·??·j¯A?TAo,an30EE?|@‥E?v-μ,￥u??13,±D§÷￥u??a￥o§K? - {1160BB39-C161-4f84-9438-8B9B0C9409F5} - http://www.15y.net (file missing)
O9 - Extra 'Tools' menuitem: 15Y|@‥E?·?? - {1160BB39-C161-4f84-9438-8B9B0C9409F5} - http://www.15y.net (file missing)
O9 - Extra button: Short Message - {5DA5CC16-90A8-4c78-AB5E-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing)
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200305...meInstaller.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1136338732781
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v6.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

[AndyManchesta]

Hi Eugene,

There's no signs of any active infections in your log but there is a couple of entries to remove. The CLSID (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) thats giving the error and preventing Adobe being installed is from Adobe, Its their BHO (Browser Helper Object) but it looks like it failed to add a path to the file as its showing in your Hijack This Log with the details missing, It should look like this:

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

I can see conime.exe is running which would indicate the locale of the computer is set to 932 (Japanese), 936 (Chinese), 949 (Korean Unified Hangul), or 950 (Chinese Big5 Extended) but let me know if Im wrong about that, Here's a support page from Adobe showing common download problems, it doesnt describe your fault but there is contact details for Adobe on there to report a download problem if its needed.

Check your Add/Remove screen (Start Menu > Control Panel > Add/Remove Programs) for Adobe Acrobat and remove if found.

Run Hijack This and choose system scan then place checks next to these entries:

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: (no name) - {FA3CF5E2-BF33-4ED5-A0BF-2BB714CA72E3} - C:\WINDOWS\System32\ifggh.dll (file missing)

O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O9 - Extra button: 15Y¡±K?|@¡LE?¡P??¡Pj¡ÂA?TAo,an30EE?|@¡LE?v-£g,¢Du??13,¡ÓD¡±¡Ò¢Du??a¢Do¡±K? - {1160BB39-C161-4f84-9438-8B9B0C9409F5} - http:// www.15y.net(file missing)

O9 - Extra 'Tools' menuitem: 15Y|@¡LE?¡P?? - {1160BB39-C161-4f84-9438-8B9B0C9409F5} - http:// www.15y.net (file missing)

O9 - Extra button: Short Message - {5DA5CC16-90A8-4c78-AB5E-596BAEDD1289} - http:// sms.3721.com/ie/index.htm (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) -

With the above checked close all open Browser and other windows then press the 'Fix Checked' button.

Next Download Ccleaner from Here if you dont already have it installed, When Installing it will display the agreement then show the install location, press next again and it will open the Install Options screen, Uncheck the bottom option which is 'Install Ccleaner Yahoo! Toolbar' then press 'Install' Open Ccleaner and press the Run Cleaner button then use the 'Issues' feature and choose scan for issues, Fix any that are found then run it again to make sure it shows clear.

Reboot and try to install Adobe again or consider installing Foxit Reader which works in the same way and uses less system resources.

Let us know how it goes

Andy

[Quark]

Hi Andy,

Sorry for the overly late reply, suffered from a broken router and dying internet service.

Thanks for your reply, and i performed the steps you suggested. My computer startup time has increased significantly after clearing those registries, THANK YOU!!

However, i still get the same problem while trying to install adobe. But i guess it's ok, i think it's time to give my comptuer a good format... i havn't format it since i got it 4 years ago. For now i m using fox reader, i think it's pretty good, excpet the search function is a lil messed up and print function doesnt work very well with mult-page... but it will do for now...

Thanks for all your help though!!!!

All the best

Eugene

[AndyManchesta]

Hi Eugene

Sorry I couldnt help you find the solution but consider contacting Adobe before you format as they may have heard of this issue before and have alternative solutions or install files that may work for you.

All The Best

Andy